package cn.china.springbootshiromybatis.controller;

import entity.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class LoginController {

    @RequestMapping("/login/{name}/{password}")
    public String login(@PathVariable("name") String name, @PathVariable("password") String password) {
        System.out.println("我是Controller中的login方法");
        //添加用户认证信息
       User user=new User();
       user.setUsername(name);
       user.setPassword(password);

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(
                user.getUsername(),
                user.getPassword()
        );
        try {
            //进行验证,这里可以捕获异常，然后返回对应信息
            /*调用login是会自动调用CustomRealm中的doGetAuthenticationInfo方法*/
            subject.login(usernamePasswordToken);
            /*调用checkRole和checkPermission是会自动调用CustomRealm中的doGetAuthorizationInfo*/
            subject.checkRole("admin");//如果查询的用户没有admin这个角色,就会报异常,不允许访问
            subject.checkPermission("query");//如果查询的用户没有query,add权限,就会报异常,不允许访问

            System.out.println("我是doGetAuthenticationInfo返回的simpleAuthenticationInfo");

        } catch (AuthenticationException e) {
            e.printStackTrace();
            return "账号或密码错误！";
        } catch (AuthorizationException e) {
            e.printStackTrace();
            return "没有权限";
        }
        return "login success";
    }

    //注解验角色和权限
    @RequestMapping("/my/{name}/{password}")
    @RequiresRoles("admin")
    @RequiresPermissions("query")
    public String my(@PathVariable("name") String name, @PathVariable("password") String password) {

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(
                name,
                password);
        try {
            subject.login(usernamePasswordToken);
        } catch (AuthenticationException e) {
            e.printStackTrace();
            return "账号或密码错误！";
        } catch (AuthorizationException e) {
            e.printStackTrace();
            return "没有权限";
        }
        // return ssi.selectAll();
        return "success!";
    }


    @RequestMapping("/login2/{name}/{password}")
    public String login2(@PathVariable("name") String name, @PathVariable("password") String password) {
        //添加用户认证信息
        User user=new User();
        user.setUsername(name);
        user.setPassword(password);

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(
                user.getUsername(),
                user.getPassword()
        );
        try {
            //进行验证，这里可以捕获异常，然后返回对应信息
            subject.login(usernamePasswordToken);
            subject.checkRole("admin");//如果查询的用户没有admin这个角色,就会报异常,不允许访问
            subject.checkPermission("query");//如果查询的用户没有query,add权限,就会报异常,不允许访问
        } catch (AuthenticationException e) {
            e.printStackTrace();
            return "账号或密码错误！";
        } catch (AuthorizationException e) {
            e.printStackTrace();
            return "没有权限";
        }
        return "login success";
    }
}
